Select User Identification Service for NGFW Engines

You can select the User Identification Service for each NGFW Engine in the Engine Editor.

Each User Identification Service can be associated with one or more NGFW Engines, but only one User Identification Service can be selected for each NGFW Engine.
Note: The Integrated User ID Service is primarily meant for demonstration purposes and proof-of-concept testing of user identification services.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration.
  2. Right-click the NGFW Engine for which you want to select a Forcepoint User ID Service, a McAfee Logon Collector, or an Integrated User ID Service element, then select Edit <element type>.
  3. In the navigation pane on the left, browse to Add-Ons > User Identification.
  4. Select the User Identification Service element that represents the server with which this NGFW Engine communicates.
    Note: For Forcepoint NGFW version 6.4 or higher, we recommend that you use the Forcepoint User ID Service.
  5. (Optional) Configure the additional settings.
  6. Click Save.

Engine Editor > Add-Ons > User Identification

Use this branch to select a User Identification Service element.

Option Definition
User Identification Service The Forcepoint User ID Service, McAfee Logon Collector, and Integrated User ID Service provide user, group, and IP address information that can be used in transparent user identification.

The Integrated User ID Service is primarily meant for demonstration purposes and proof-of-concept testing of user identification services.

  • Select — Allows you to select an existing Forcepoint User ID Service, McAfee Logon Collector, or Integrated User ID Service element.
  • None — Disables transparent user identification.
Note: For Forcepoint NGFW version 6.4 or higher, we recommend that you use the Forcepoint User ID Service.
Network Filters section (When a Forcepoint User ID Service element is selected)
IP Ranges

(Optional)

To prevent the NGFW Engine from receiving too many logon events, specify the IP address ranges of networks from which to receive logon events.

Click Add to add an element to the list, or Remove to remove the selected element.

We recommend adding the IP address ranges of networks for which the NGFW Engine routes traffic.

Note: Network filters do not exclude other IP addresses outside of the specified IP address range if a user has at least one logon in the specified IP address range. The NGFW Engine might still receive logon events from other IP address ranges.